Trust Assessment
ethermail received a trust score of 81/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 4 findings: 0 critical, 0 high, 3 medium, and 1 low severity. Key findings include Unpinned npm dependency version, Node lockfile missing, WalletConnect URI with symmetric key printed to stdout.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings (4)
| Severity | Finding | Detail | Layer | Location |
|---|---|---|---|---|
| MEDIUM | Unpinned npm dependency version | Dependency 'puppeteer' is not pinned to an exact version ('^21.0.0'). Pin dependencies to exact versions to reduce drift and supply-chain risk. | Dependencies | skills/daaab/ethermail/package.json |
| MEDIUM | WalletConnect URI with symmetric key printed to stdout | The `scripts/extract-wc-uri.js` script extracts a WalletConnect URI, which includes a symmetric key (`symKey`), and prints it directly to `stdout`. If the AI agent's environment logs `stdout`, or if the output is not handled securely, this sensitive information could be exfiltrated or exposed. The skill then instructs the agent to use this URI, implying it will be captured from `stdout`. Advise users to ensure `stdout` is handled securely and not logged in plain text. If possible, consider alternative secure communication channels for the URI, or ensure the agent processes it directly from memory without writing to persistent logs. The skill could also explicitly warn about the sensitivity of the URI output. | LLM | scripts/extract-wc-uri.js:70 |
| MEDIUM | Instruction to handle private key in environment variable | The skill instructs the AI agent to set a `PRIVATE_KEY` environment variable for use with the `walletconnect-agent` skill. While the skill provides security advice ("Never commit private keys", "Store credentials in environment variables or secure files"), handling private keys directly in environment variables can expose them to other processes on the system, or to logs if not managed carefully. This increases the risk of credential compromise if the agent's execution environment is not fully secured. Emphasize the use of secure secret management systems (e.g., KMS, vault services) instead of plain environment variables, especially for production deployments. Advise against storing private keys in plain-text files or directly in shell history. | LLM | SKILL.md:102 |
| LOW | Node lockfile missing | package.json is present but no lockfile was found (package-lock.json, pnpm-lock.yaml, or yarn.lock). Commit a lockfile for deterministic dependency resolution. | Dependencies | skills/daaab/ethermail/package.json |
Full report: https://skillshield.io/report/05ac24255577aa2d
Powered by SkillShield